Your identity is one of your most valuable personal assets. It defines who you are. It can save you big money when applying for loans (if you protect it), or it can cost you big bucks when an unauthorized person uses it. I ran across an article from the New York Times on identity thieves buying complete identities ^[2]… names, Social Security numbers, addresses, dates of birth, functioning credit card ^[3] numbers and more for as little as two dollars. Two bucks and your life could be thrown into turmoil. The information is being sold through online auctions and the bounty is credit card ^[3] numbers, bank account ^[4] numbers and other personal information. According to the article, the number of these auctions have increased exponentially in the past two years. This increase in identity auctions has allowed identity thieves to buy personal information in bulk, almost like buying cereal at Sam’s or Costco, except your identity is cheaper than a box of cereal.

The worst part is that most people don’t even know these types of online auctions exist. I know I didn’t. But by understanding how these auctions work and how your personal information could be obtained, you can take steps to protect against identity thieves getting credit in your name. What costs a thief two dollars for your identity could cost you thousands of dollars to get corrected, not to mention sleepless nights and constant worry.

According to the FBI and the National White Collar Crime Center, 2007 saw Americans report losses of $239 million as a result of online fraud ^[5], with average losses running around $2,530. As identity thieves learn new tactics, some have even recruited computer hackers to defraud consumers of personal information, such as credit or debit cards, Social Security numbers, etc. The stolen data is then sold through instant-message groups or online forums that last only hours or days, to avoid being tracked by authorities.

These evolving identity theft techniques mean that your identity could be vulnerable at any time, not just if you forget to shred your credit card ^[3] statement or f you’ve had your wallet stolen. Be sure to take necessary precautions when shopping or banking online to make sure that sites requiring personal information are legitimate and secure.

1. Don’t fall for a phishing e-mail.

Phishing occurs when an identity thief uses e-mail or phone calls to pose as a trustworthy organization to coax sensitive information from victims. According to information from The Better Business Bureau ^[7], 3.6 million U.S. adults lost money in phishing attacks in the 12 months ending in August 2007, as compared with the 2.3 million who did so the year before. How much in total? Try $3.2 billion…yes with a “B.”

Phishing e-mails can look like the real thing with the official logos of banks, government agencies, or credit card ^[3] companies. The e-mails usually include links that direct you to a Web site designed to install viruses and malware or trick you into entering your bank account ^[4] or Social Security numbers.

If you get an email asking you to submit some sensitive information, first call the organization to confirm whether or not the e-mail is legitimate. Banks, brokerage firms,the IRS and other government agencies generally do not use e-mail to contact consumers about any issues or problems that require action on the part of the recipient, so e-mails appearing to be from these sources should be verified and then deleted immediately.

2. Create strong passwords and protect them.

If you regularly change your passwords, you become a moving target for identity thieves. They don’t like moving targets, they’re too hard to hit, so they will move on to an easier mark. Get in the habit of regularly changing your passwords to make it much more difficult for ID thieves to steal your personal information. Bear in mind, however, that some passwords are stronger than others. A good, secure password will have a unique combination of numbers, capitalized letters and even symbols (kT9b4#A2 for example). Never, ever use sensitive information for a password such as your Social Security number, mother’s maiden name or birthday. That can be just too easy.

3. Be safe and secure when on the go.

If you’re using someone elses computer, or a public computer of any kind, avoid entering any of your personal information. Internet cafes, airport kiosks, public computers, or those at the library could have been hacked to store and transmit your sensitive information. Thieves will install “keystroke loggers” that remember every key your press, including the website your visit as well as your screen names and passwords.

Also, beware of Wi-Fi networks since these present even more opportunities for ID thieves. The easiest way to protect a Wi-Fi network ^[8] at home is to not broadcast the signal without requiring a password. A safe rule of thumb is to avoid exchanging sensitive information through the Internet when using a public Wi-Fi connection and to simply wait until a trusted network ^[8] can be used.

4. Guard personal computers with anti-virus, anti-spyware, and firewall protection.

Opinions vary, but in as little as 4 minutes, a virus or malware can infect an unprotected personal computer so always have good anti-virus software, as well as anti-spyware and firewall protection. Consumers can purchase protective software, but there are also a number of reputable, free programs available for download online. Many operating systems already provide firewall protection so users should always make sure this protection is enabled.

After getting your security software, keep the programs updated! Operating systems may require patches and other additional updates that computer users need to install in order to maintain good security.

5. Only transfer information over a secure server.

Never give out any personal sensitive information unless it’s on a secure server. On a secure server, the information is encrypted as it is being transmitted to prevent other parties from being able to read it if they manage to intercept it.

How do you know you’re on a secure server? An unsecured URL will look like this: http://www.nameofwebsite.com. A secure server will have an “S” either in front of or following the “http”, and it will look like this: https://www.nameofwebsite.com or shttp://www.nameofwebsite.com.

Identity theft is a pain in the neck. Believe me, I know about it firsthand ^[9]. But I have learned some powerful lessons and have taken additional steps to prevent it in the future ^[10].

You can recover, but it’s an arduous process and it wears you out. I now have my credit monitored on a regular basis by Equifax. There’s nothing like the peace of mind that comes from knowing someone is watching out for you.

---

What others are saying:

6 digitally traceable tracks we unconsciously leave behind ^[11] @ Marc and Angel Hack Life
Living it up. Young Philly couple charged with identity theft ^[12] @ Consumerism Commentary
How to detect and avoid IRS tax scams and identity theft ^[13] @ Cash Money Life ^[14]
What if someone you know steals your identity? ^[15] @ Get Rich Slowly
Protecting yourself against identity theft ^[16] @ Moolanomy ^[17]
Fraud, crime, and other things gone awry ^[18] @ The Digerati Life

[tags]identity, personal, secure, thieves, credit, numbers, online, security, auctions, computer, email, passwords, protect, protection, server, theft[/tags]

_{»crosslinked« ^[23]}